Inter-instance authorization constraints for secure workflow management

Janice Warner, Vijayalakshmi Atluri

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

42 Citations (Scopus)

Abstract

Workflows model and control the execution of business processes in an organization. They are typically comprised of tasks or logical steps in the business process. To mitigate the ability of insiders to commit fraud, care should be taken that people authorized to perform critical tasks cannot collude. This is typically done through the specification of separation of duty (SOD) constraints. SOD constraints impose restrictions on which users or roles can be assigned to tasks and have been discussed widely in the research literature in the context of a single workflow instance. In this paper, we argue that SOD constraints that span multiple instances of a workflow also need to be considered to mitigate security fraud. To this end, we extend the notion of SOD to include constraints that span multiple executing instances of a workflow and constraints that also take into consideration the history of completed workflow instances. We present a constraint specification language to specify the inter-instance constraints and propose methodologies to identify the cases in which certain SOD specifications would result in an anomaly. Specifically, we identify 3 types of anomalies, namely, inconsistency, depletion anomaly and overlapping anomaly. The identification and rectification of anomalies are done both at workflow specification time and at runtime, as appropriate, so that users can be assigned to tasks in a consistent manner.

Original language: English (US)
Title of host publication: SACMAT 2006
Subtitle of host publication: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies
Pages: 190-199
Number of pages: 10
State: Published - Sep 4 2006
Event: 11th ACM Symposium on Access Control Models and Technologies, SACMAT 2006 - Lake Tahoe, CA, United States
Duration: Jun 7 2006 → Jun 9 2006

Publication series

Name: Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
Volume: 2006

Other

Other: 11th ACM Symposium on Access Control Models and Technologies, SACMAT 2006
Country: United States
City: Lake Tahoe, CA
Period: 6/7/06 → 6/9/06

Fingerprint

Specifications
Specification languages
Industry

All Science Journal Classification (ASJC) codes

  • Computer Science(all)

Keywords

  • Authorization Constraints
  • Security
  • Workflow

Cite this

Warner, J., & Atluri, V. (2006). Inter-instance authorization constraints for secure workflow management. In SACMAT 2006: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies (pp. 190-199). (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT; Vol. 2006).
@inproceedings{eb4594f2440341318f2ed1bb192f0e1b,
title = "Inter-instance authorization constraints for secure workflow management",
keywords = "Authorization Constraints, Security, Workflow",
author = "Janice Warner and Vijayalakshmi Atluri",
year = "2006",
month = "9",
day = "4",
language = "English (US)",
isbn = "1595933549",
series = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",
pages = "190--199",
booktitle = "SACMAT 2006",

}

TY - GEN

T1 - Inter-instance authorization constraints for secure workflow management

AU - Warner, Janice

AU - Atluri, Vijayalakshmi

PY - 2006/9/4

Y1 - 2006/9/4

KW - Authorization Constraints

KW - Security

KW - Workflow

UR - http://www.scopus.com/inward/record.url?scp=33748053971&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33748053971&partnerID=8YFLogxK

M3 - Conference contribution

SN - 1595933549

SN - 9781595933546

T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

SP - 190

EP - 199

BT - SACMAT 2006

ER -
